Professionally Evil

Professionally Evil's repositories

pewapt101

Professionally Evil Web Application Penetration Testing 101

NOASSERTION140 20 1

harpoon

A collection of scripts, and tips and tricks for hacking k8s clusters and containers.

Language:GoMIT133 10 8

C4

Cyberdelia, a Collection of Command and Control frameworks

Language:ShellGPL-3.066 9 20

client-side-attacks-lab

Lab Environment for learning client-side attacks such as CSRF, Clickjacking, XSS, and CORS abuse.

Language:HTML21 4 1

x86_asm

x86 Assembly Code Examples for Blog Posts

Language:AssemblyMIT15 40

LD_PRELOAD-rand-Hijack-Example

Code samples to go along with the blog post on using LD_PRELOAD to hijack rand() in a number guessing game.

Language:CMIT11 40

bash_tricks

a github repo that will be used for teaching bash optimizations in a youtube series

GPL-3.09 5 6

DVFPS

A Damn Vulnerable FPS game built using Godot

Language:GDScriptMIT9 5 4

nmap_oui_update

A script to download OUI data from the IEEE and parse it into the nmap-mac-prefixes file so Nmap has the latest OUI data.

Language:PythonMIT9 30

LD_PRELOAD-run-at-load-time

Code samples to go along with the blog post on how to run code at load/unload time when using LD_PRELOAD to inject libraries.

Language:CMIT8 40

DVMMO

Damn Vulnerable MMO; an mmo game that is deliberately vulnerable and maybe just maybe fun to play.

Language:GDScriptMIT6 5 4

SameSiteAttackDemo

A simple demo web app built with Svelte + Restify that is meant to demonstrate security aspects regarding the SameSite cookie flag.

Language:JavaScript6 50

k8s-labs

Language:JavaScript5 4 15

csik

Client Script Injection Kit

Language:Python4 40

CVE-2021-38295-PoC

A simple Python proof of concept for CVE-2021-38295.

Language:Python3 60

LD_PRELOAD-accept-backdoor

Code samples to go along with the blog post on how to create an LD_PRELOAD backdoor hooking accept()

Language:CMIT3 30

cookie-monster

Coming soon...

Language:JavaScriptMIT2 30

d0hnut

DNS over HTTPS Security Lab

Language:Shell2 5 2

edit_leaked_file_descriptor

An all-in-one tool to edit a leaked file descriptor in SetUID binaries.

Language:CMIT2 30

container-escape-labs

Some container escape labs

Language:Batchfile1 40

static-analysis-ttp

Language:ShellLGPL-3.01 6 3

blog-ansible-webservers

Repo for this blog: https://www.secureideas.com/blog/ensuring-web-security-via-ansible-apache

MIT040

blog-juiceshop-workshop

Repo for this blog post: https://www.secureideas.com/blog/juiceshop-workshop-in-less-than-5-minutes

Language:Python040

March-2021-KeyGenMe-Solution

This repo is to provide an example solution to the KeyGenMe challenge binary from March 2021.

Language:PythonMIT040

owasp-modsecurity-crs

OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)

Language:PerlApache-2.0010

packer-kali_linux

This is a repository that will be used to help create a process of a new kali vagrant box for hashicorp each month.

Language:ShellGPL-3.0000

tartar-sauce

Miscellaneous demos and scripts for user awareness campaigns

Language:JavaScript000

Top10

Official OWASP Top 10 Document Repository

Language:HTMLNOASSERTION010

webcast-cloudy-stealth

Infrastructure as Code repo that accompanies the Cloudy with a Chance of Stealth webcast

Language:HCLLGPL-3.0000

writeup_11_13_2020_challenge

A supporting repo for a blog post write-up of how to solve the November 13th, 2020 Detective Nevils Mystery Challenge.

Language:PythonMIT040